Frank Leonhardt's Blog

The road to hell…

I’m not a communist, but it’s pretty obvious to me that there are some things that are best not left to the free market. The management of Internet domain names is one of them. And no, I’m not about to discuss the pigs breakfast that the American’s have made involving Network Solutions. This problem’s home grown, and fortunately, it hasn’t happened yet.

Nominet is the not-for-profit company that manages the allocation of most of the .uk domain names (notable exceptions being .gov.uk and .ac.uk). By and large it does a pretty good job; and anyone who thinks otherwise should look across the Atlantic and think again.

But this, apparently, is not enough. The management wants to widen its terms of reference to allow it to undertake new projects such as the allocation of telephone numbers. Now I don’t have a problem with this – Nominet has proved it can allocate domain names, so they’re a sensible choice to take on this new role. However, the terms of reference they are asking for allows them to offer ‘consultancy’ services. According to the document, they’re being asked for this and turning potential customers away. I say ‘Good!’

Nominet has a ‘public service’ charter. It’s a monopoly because we need one. The Internet community in the UK effectively owns Nominet, and it represents everyone’s interests. This is why it was set up with such narrow terms of reference – it’s a one-trick pony. It does what it does, and it does it well. It’s not competing in the marketplace for anything else, and no one can compete with Nominet.

But what if it could complete with other companies? It wouldn’t be doing so on equal terms – it holds the levers of control for the whole UK DNS. It has a guaranteed income stream form issuing domain names. It can take risks and lose money without worrying because it has a goose laying golden eggs. It’d make one hell of a player! But it would do so at the expense of everyone else.

Is the management of Nominet actually bent on world domination? Well I’ve had a chat with the people responsible and they insist that they only wanted to bid of the telephone number allocation business and while they were at it they wanted some general clauses added to cover future eventualities without having to change their terms of reference again. They had no intention of competing with their members or anyone else. That’s great, but will it remain so for the rest of time? I doubt it. With nothing in the terms of reference to hold them back, sooner or later someone would take advantage. What’s the point of having power and not using it.

If you’re going to have a non-profit organisation managing a monopoly for the public good then it should do just that. No more, no less.

For more information take a look at Nominet’s web site under consultations.

For Nominet’s Consultation Document click here.

2-August-0623-September-16

How to prevent spammers getting your email address

Everyone knows this one, right? Just obey the following rules:

Don’t give your email address to strangers
Never post your email address on newsgroups
Don’t leave your email address lying about on web pages.
Don’t reply to spam – they know you’re reading it.

Unfortunately this advice is seriously out-of-date, although some emails are still harvested by spammers this way. People keep asking the question “I didn’t do any of the above, so how come I’m getting all this spam?”

What the American spammers are actually doing is using malicious software on innocent computers (installed using the normal virus channels). Amongst other things, this software searches the victim’s hard disk for all the email addresses it can find. It then sends the results back to be added to their spamming list. In order to have your email address added to a spamming list, all you need do is exchange an email with an infected PC – or a PC that becomes infected in the future.

As to item four, about never responding to spam, this is no longer the case. Spammers don’t use their real return address anyway. They track who’s reading their wares by embedding a reference to an image in an HTML email. When the message is displayed the image is downloaded from their server; when this happens they know who it was. Microsoft Outlook allows this to happen; Microsoft doesn’t appear to be in any hurry to fix it.

So what can you do? Not much! If you can, use disposable emails. For example, if you’re the secretary of a club and you correspond with a large number of people, some of whom are likely to be hijacked, make your email address ’secretary1@…’. When this is compromised, change it to ’secreatry2@…’ and so on.

A proper solution is needed, but there’s no political will to solve it. The identity of the criminals doing this is well-enough known; the American’s just let them operate virtually unhindered. Something to do with ‘freedom of speech’!

25-July-0618-November-09

Using AOL with a Router

Why does everyone hate AOL (America On Line) so much? Probably because it allowed Joe Public access to the Internet, and Joe Public didn’t know how to behave. AOL also provides a simplified service at what has often been a premium price. And their marketing makes the technically literate cringe with embarrassment.

However, people do use AOL Broadband, using a modem. Today I had to get ADSL running for a small charity that happened to have a live subscription to AOL, so why not use that? No information on if or how it would work with a router, that’s why not.

However, some experimentation, judicious guesswork and a polite but firm telephone call to an overseas call centre produced the following results:

First off, remember this is for England only. Secondly, AOL calls the user-ID a ’screen name’. Make sure you get the case exactly right – it’s sensitive!

So, to make AOL work with your router as follows:

PPP User ID: [screen name]@aol.com
PPP Password: [usual password]
PPP Authentication: CHAP (or PAP+CHAP)
VCI: 38
VPI: 0
Modulation: G.DMT
Dynamic IP address
Encapsulation: VC Mux (Multiplexed)
Protocol: PPPoA

This assumes you know what PPP is, and how you program your router. If not, I hope you’ve got a good router manual. Set this lot up and away you go – LCP will provide the necessary IP address, DNS and so on – filtered down to the machines on the LAN by DHCP automatically. Well it worked for me!

AOL doesn’t provide a full-on two-way Internet connection, but it probably does what most domestic users want and if they’re caught in a twelve-month contract there’s no sense in cancelling early.

5-July-0621-August-09

Beefeater – what do you expect?

I’d normally give any chain of eateries with a name like Beefeater a very wide berth. About ten years ago I went with a group of friends to and Angus Steak House, and it was the vegetarian starvation zone you’d expect – with an attitude to match.

Today I was looking for somewhere to eat near Borough Green with Barry (a devout, but discriminating carnivore) and he was very keen to try the Beefeater. To be honest, there wasn’t any choice in the area and we’d been suck in the M25 traffic for what seemed like eternity and we had a lot of work ahead of us, so I went along with it.

As it turned out they didn’t have much that was pure veggie (a side order of chips?) but if you each cheese or fish you’d be okay. But at least they didn’t have the attitude.

1-July-0618-November-09

E7Even

I’ll try not to say “I told you so”, but e7even (aka e7broadband) has ceased providing any kind of service to its customers. Has it gone bust? No. It seems to have done a deal to let Mr Marrocco (186k) take over their customers – they won’t give the MAC to anyone else. For another ADSL provider to take over a line from another provider you need a MAC (Migration Authorisation Code) and guess what? E7even aren’t providing one of those either. It seems doubtful that the customers that paid up-front will be receiving a refund.

E7even was the cheapest ADSL provider by quite a large margin. When they launched their customers felt they had a bargain – it did work quite well. The rest of us figured out that they’d either be unable to provide proper backup at that price; had swung a fantastic wholesale deal; or had found a sure-fire way of going bust.

As time passed there were signs of disagreements and problems with E7even’s wholesale suppliers (yes, they had more than one) and the whole thing started to fall apart.

Now E7even’s customers are faced with either losing their service (their money already seems to have gone) or sign up with Mr Marrocco for a high-priced alternative. I’ve seen nothing to prove that 186k is capable of supporting retail ADSL users. As a company it’s seems to be going around with a pot of money and buying everything it can.

This story will, no doubt, roll on for some time to come.

19-June-0625-November-09

Flamin’ Forty!

Well that’s it – forty years old. I’ve just turned forty. This is pretty much half way, and I’ve never kept a diary. In fact, I’ve never had much to do with paper in any form – but technology has moved on.

An old colleague of mine from journalism days – David Brake – started a blog years ago and I thought it was a fun idea. So I’ve set this one up using the same software on the assumption that he knew what he was doing.

1-August-9927-July-24

Why won’t my IAR compiler work past 2000? – UBROF bug

If you check out IAR’s web site you’d be forgiven for thinking that IAR compilers had no problems with dates past 2000. You’d be quite wrong – they’ve got more Y2K bugs than a termite hill and they’re too shy to tell you about them.

It’s true that most tools since late 1998 are fixed but pretty much all the older ones have the same set of funnies. Most listings will be dated 22/Jun/102; the ‘C’ __DATE__ macro has a similar amusing effect, and so does the DATE 6 equivalent in the assembler. Embarrassing but not fatal, although it would have been nice if they’d owned up to the world on their web site.

However, if you’re using the IAR debug object format, UBROF, you may be in for a much worse surprise. The UBROF format has a header containing the link time and date. This is also messed up, such that several debuggers are known to reject files linked post-2000 due to invalid header information. This isn’t a bug in the debugger

IAR’s solution is to upgrade. Well they would say that, wouldn’t they? You don’t fancy jumping your compiler version on three years? Rather stick with the devil you know? Then download iarfix.com now. Simply run this on your output file after the linker has done its stuff and it’ll fix up the header and anything else it can find that might be wrong with it. You can even give it a wildcard file spec if you have a directory full of stuff that chokes your debugger.

It’s not supported, not guaranteed and not properly tested but you’re welcome to try it. If it doesn’t do it for you then let me know and I’ll think about updating it – but there have been no complaints in the last twelve months. If you’re the type that really must have a support contract for ISO9000 reasons then I’ll sell you one for £1000 a year and make damn sure it works for you. Still interested? I thought not. Enjoy!

As a final kick in the teeth, IAR managed to release a few disastrous ‘compliance’ updates, some of which have made it into the wild. They fix the embarrassing listing problems but, for some inexplicable reason, stop and catch fire when asked to read or write to a file with a year stamp of 2000 (including ones that it has just opened itself). Was a complete mystery why how or why they could have coded their file handling code in such a way that the date mattered, and even more of a mystery why they didn’t notice it when they tested it. Nice once guys! If you wait until 2001 then these rogue tools start working again without any apparent problems.

I’ve now disassembled one of their iffy compilers if anyone’s interested What on earth did IAR do to break their compiler?

Finally, if anyone from IAR in Sweden is reading this and thinks I’m being a bit hard on them – think about this: If you disclosed this information on your web site instead of pretending that everything was okay then none of this would have been necessary. Your customers are going to find out soon enough anyway, and when they do you’re going to look even worse.

(Originally published as www.fjl.co.uk/answers/faq/q3.htm)

14-July-9927-July-24

What on earth did IAR do to break their compiler?

Some IAR compilers have an horrendous year-2000 bug. It took me about 30 minutes to disassemble one of their compilers and track down what they’d done wrong.

Basically, for some reason I don’t have the inclination to figure out, all file-open and file-close operations go through one of their own weird routines that wraps around the POSIX open() and creat() functions, which are themselves wrappers for the Windows equivalent. As part of this pantomime the date stamp is obtained. What they’re actually doing is loading the date stamp year portion (which is the year offset from 1900) with 100 before making the call and checking to see it isn’t still 100 when it returns. If it is, they assume that the open/creat process has failed somewhere because no new year was loaded. The only snag, of course, is that 2000 is actually 100 years from 1900 – someone obviously assumed it’d wrap to 00.

You can easily patch this problem out by changing the rogue value to 0xff or similar if you feel so inclined. To find it just start with the OpenFile() dynamic link in the executable (we’re talking Win32 exe here), look to see what calls it. This looks like a standard library the open() function. Then look to see what calls that (the weird IAR function). Inside look for where 100dec is loaded into a structure and replace it with something else. Don’t be tempted to play a little trick on your colleagues and time-bomb it for another year in the future.

I’d be most interested if someone with access to the source code could confirm or reject this explanation – in confidence of course!

(Originally published as www.fjl.co.uk/answers/faq/q3a.htm)